FBI, DHS Warn Hospitals of 'Credible Threat' from Hackers (bloomberg.com) 20
Several federal agencies on Wednesday warned hospitals and cyber-researchers about "credible" information "of an increased and imminent cybercrime threat to U.S. hospitals and health-care providers." From a report: The FBI, the Department of Health and Human Services and the Cybersecurity and Infrastructure Security Agency, part of the Department of Homeland Security and known as CISA, said hackers were targeting the sector, "often leading to ransomware attacks, data theft and the disruption of health-care services," according to an advisory. The advisory warned that hackers might use Ryuk ransomware "for financial gain." The warning comes as Covid-19 cases and hospitalizations surge across the country. The cybersecurity company FireEye said multiple U.S hospitals had been hit by a "coordinated" ransomware attack, with at least three publicly confirming being struck this week. [...] The attack was carried out by a financially motivated cybercrime group dubbed UNC1878 by computer security researchers, according to Charles Carmakal, FireEye's strategic services chief technology officer. At least three hospitals were severely affected by ransomware on Tuesday, he said, and multiple hospitals have been hit over the past several weeks. UNC1878 intends to target and deploy ransomware to hundreds of other hospitals, Carmakal said.
a beowulf cluster (Score:1)
The Advisory (Score:4, Informative)
A little late (Score:4, Informative)
Re: (Score:2)
It would be interesting to see how many of the IT Staff they had laid off previously as a cost cutting measure.
Re: (Score:2)
The joys of the Windows PC experience. IBM says even though Macs are more expensive initially the cost is easily offset in less support staff and the higher value of hardware when it goes off lease.
Re: (Score:3)
Well often rain is predicted when we are tracking a front moving in. So it may be raining somewhere else, then we can see that it is moving our way.
Health Care is an easy target. (Score:2)
The biggest problem is that many Hospitals are often Managed by MDs. And they want to get their way when it comes to making good IT Decisions.
They want that Piece of software, while the IT guys there know how much of a POS it is. IT Security Practices where strict security issues are often rejected because it may slow them down a bit. A lot of health care technology are running off of very old architecture. A lot going across insecure network connection.
Also MDs like IT workers have this sense of super
It's not just hospitals... (Score:3)
But also the manufacturers of medical equipment using Windows as their OS. There's only so much an admin can do when that "must have" piece of medical equipment must phone home for software license verification, and runs an ancient copy of Windows. Oh, and to make it worse: upgrading or patching the OS may result in the loss of FDA certification. It's only a matter of time before Windows 10 downloads an update during a critical operation, and a patient dies, or an admin applies a Windows patch which cau
Re: (Score:2)
Horse hockey. Esp. the for-profit hospitals, along with many medical practices, are managed and/or owned by venture capitalists, and run by bean counters.
Re: (Score:1)
Re: (Score:2)
If it's ransomware, I'm willing to believe that greed was the motivation.
Re: (Score:2)
It's election week. I'm willing to believe some domestic players are building up to election chaos.
Nationalize IT (Score:2)
It's becoming clear that many private and public institutions are not able to consistently manage their IT and security infrastructure. We're at a point that computer security in both the private and public sector is now an issue of national security.
We can either let Russia, Iran, China, and unaffiliated actors commit covert acts to disrupt our country's business and terrorize civilians; or we can mount a serious national defense to minimize the scope of the damage they can do. I'll vote for the first lead
Just say no to libertarian bong hits (Score:2)
So basically you want someone to institute the "great firewall" of the USA?
You're mistaken. I did not say that.
Removing choice and nationalizing the core functionality of the internet is not the right thing to do.
Setting standards and best practices for reliable function and public safety seems like a good idea to me. Especially when you and I as consumers don't get a choice in how hospitals, power plants, and more run their security. We barely have any recourse when Target or Equifax get hacked and leak our personal data.
You definitely should regulate things when "voting with your dollar" is not feasible. And you should also seriously consider regulating industry if inconsistent
I was wrong. (Score:2)
I once wrote that hackers would carefully avoid infecting US hospitals with ransomware because the wrath of the FBI and the CIA would be monumental.
How wrong I was.
I reckoned without exactly how fucked up the priorities of the FBI really are. They'll coordinate law enforcement [torrentfreak.com] in 18 countries and make dozens of arrests because some fucking movies were copied for free, but when American critical care institutions are extorted for millions of dollars and American lives are put at risk, and in a few cases los
Re: (Score:1)
Profits over people
Considering (Score:1)